Hacked routers used for paid DDoS attacks

The rent-a-DDoS service that knocked out Xbox Live and Playstation Network is powered by thousands of hacked residential internet routers, according to security journalist Brian Krebs.

The hacking group Lizard Squad has been using unsecured routers with unchanged passwords to build its own network of stresser bots that can be uses to take down sites with excessive fake traffic.

“As it turns out, that service draws on Internet bandwidth from hacked home Internet routers around the globe that are protected by little more than factory-default usernames and passwords,” Krebs explained on his blog.

According to The Guardian, the malware has also targeted commercial routers at companies and universities too, and worse uses infected systems to look for other routers to add to its arsenal. Krebs states, “in addition to turning the infected host into attack zombies, the malicious code uses the infected system to scan the Internet for additional devices that also allow access via factory default credentials, such as ‘admin/admin,’ or ‘root/12345’. In this way, each infected host is constantly trying to spread the infection to new home routers and other devices accepting incoming connections (via telnet) with default credentials.”